point to point tunnel

Posted on 2008-06-10
Last Modified: 2010-04-12
I have connect a remote office in a different state to the main office. The main office currently has a Sonicwall TZ170 for it's firewall. The remote office doesn't have anything yet. What would be the best solution for this? I would like for the remote site to work of the main office servers just like it's in the same building. Would the best solution be for  purchasing a T1 line tunnel from A to B or would any internet work and just use the hardware? I've never set up one before so any help including white pages would be appreciated.
Question by:cnmgt
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
LVL 28

Expert Comment

ID: 21758195
There are several approaches you can take to this.  One would be a dedicated T1 from site to site. This is fairly effective and costs are "reasonable"  If you don't have huge data needs you could look into using local DSL or Cable connectivity to get to the Internet and establish a VPN.  The downside to this is dealing with local phone or cable companies. Depending on your internal set up you might be able to run a T1 connection without having to have a VPN in place as it's a dedicated line. You don't have to use hardware-based VPN connectivity as Windows and Mac have it built-in, but I find that using Cisco hardware devices at each end makes for an always on VPN connection that in effect puts your remote office on your local office and is very stable.

If you have bigger data needs you might also look into a multi-MB WAN connection if your provider can supply one.  We use such a connection from TWTC between sites and it works very well.  You might also look into the WAN connection instead of the T1 just in terms of pricing.  Sometimes these newer connections are less expensive than the older T1 technology.

We have 20-30 sites that are remote to our main location and we have used both the WAN connection (replaced T1) and DSL/Cable connections.  We use WAN for larger sites and DSL/Cable for smaller ones.  WAN connections come right into switches at our site and run as a separate IP segment...this is a direct connect for us and no VPN's an extension of our primary network.  All smaller sites use the cisco hardware to hardware VPN setup and unless the phone/cable company has an issue it works really well.

Author Comment

ID: 21758986
Do know of any links for a detail WAN setup? Our problem is the Cali office connects to the main office in Colorado using a web interface. We have a Sonicwall SSL device. Once they establish the connection then the click the link for the terminal server. It runs slow and they are kicked off constantly. I think it might be running slow because the company uses a NAS device using sata drives for file sharing. I don't think NAS is designed for constant network use.
LVL 28

Accepted Solution

jhyiesla earned 500 total points
ID: 21759059
Not really. It depends on what your end points look like in terms of terminating equipment and what features your Provider offers. Your provider should be able to advise you on what you need to complete the connection based on your network topology.  For example, we use WAN links for both Internet access for our entire company and for connection of our larger sites to our main network. The lines from the Vendors perspective are different because of what we are trying to accomplish with each. They both terminate at our facility through our edge router to a Cisco switch. However, the Internet connection goes directly to our firewall and then on to the network and the other link goes to a BGP router and then on to our main switch.

If you decide to go with the high speed WAN link, make sure your provider works with you and understands your topology completely and gives you help in configuring your endpoint equipment. We didn't do as good a job as we should have with this and ended up doing a lot of work after the fact which delayed the bring up of the links and extended the initial troubleshooting that we had to do.

Featured Post

Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Using Windows 2008 RRAS, I was able to successfully VPN into the network, but I was having problems restricting my test user from accessing certain things on the network.  I used Google in order to try to find out how to stop people from accessing c…
Let’s list some of the technologies that enable smooth teleworking. 
After creating this article (, I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Windows 10 is mostly good. However the one thing that annoys me is how many clicks you have to do to dial a VPN connection. You have to go to settings from the start menu, (2 clicks), Network and Internet (1 click), Click VPN (another click) then fi…

739 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question